Artificial intelligence (AI) is, fundamentally, the ability of computers to carry out tasks that have usually required human intelligence. AI uses algorithms to analyse and develop predictions from data- learning and improving over time as a human would. While standard programs will be created to carry out a specific task, AI is able to carry out a task while learning from it and improving upon it at the same time. Strong AI systems can work around problems and work around new scenarios. Lots of data is required in the creation of AI systems, resulting in impressive computing power for given tasks. Although not the same as the human brain, as this is able to apply computing power to a wide range of tasks, AI can apply a stronger power to a smaller range.
Machine (ML) learning is used within AI to identity patterns and predict outcomes. Using algorithms on inputted data, machine learning can find patterns that humans might sometimes miss, working fast and effectively to apply patterns to real life scenarios. A good example of machine learning in action is Netflix. Machine learning is used throughout Netflix to monitor viewing history of yourself and others with similar preferences to create personalised watching recommendations.
Both artificial intelligence and machine learning have provided negative and positive impacts upon cyber security. While allowing for stronger cyber security measures, their sophisticated programs can be, and have been, used with malicious intentions.
The benefits that AI and ML provide to cyber security are numerous. Their technologies can ‘learn’ from past experience of attacks by recognising patterns, thus reducing response time and creating a much more secure system. Threat hunting can be applied, which increases threat detection rates up to 95% compared to traditional techniques which only work for previously encountered threats. AI can warn of threats which have not yet been discovered, but may produce false positives. Because of this, an application of both AI methods and traditional techniques will be most effective. Further, AI is able to offer vulnerability management, detecting and defending against vulnerabilities before they have been reported. AI can also improve network security by recommending security policies based on network traffic patterns witnessed by the AI systems. Finally, using AI within an organisation can enhance the running of data centers, monitoring and improving the workings of processes such as power consumption, cooling filters and internal temperatures. Through AI observations, data centres can become more effective and efficient at the running and security of the infrastructure and hardware of an organisation.
While AI is clearly capable of improving upon many elements of cyber security, it does have its drawbacks. First, AI systems are not accessible to all- they need considerable amounts of time and money to be constructed and maintained. Similarly, they require vast data sets, as this is how AI systems ‘learn’. Again, many organisations will not have the money or time required to gather these data sets. As expected, with the good comes the bad, and hackers have also found ways to work around AI systems and use it themselves. Where AI security is in place, cyber criminals can use their own AI to improve upon their malware tools, increasing their chances of getting through these sophisticated security barriers. Using AI tools, malicious actors can create advanced attack strategies, and have been able to attack systems with high AI security implementations. Therefore, although AI is impressive and can improve and enhance cyber security in many ways, just like all other forms of cyber security, it is not impenetrable.
AI may offer many ways for organisations with the resources available to boost their cyber security measures. The ability to ‘learn’ and adapt in terms of threats posed and security measures taken is remarkable, though it must be remembered that no security measure is 100% secure.